Stenographer Logo

Stenographer

0
Free
Visit Website

Stenographer is a full-packet-capture utility designed for buffering packets to disk for intrusion detection and incident response purposes. It offers high-performance NIC-to-disk packet writing, efficient disk management to handle file deletion as disk space fills up, and easy retrieval of specific packet sets. It excels in quickly writing packets to disk at speeds of around 10Gbps on multi-core, multi-disk systems, managing disk usage to store longer durations during traffic lulls, and deleting the oldest packets when reaching disk limits. However, it is not suitable for complex packet processing like TCP stream reassembly, as its focus on speed sacrifices such functionalities. Additionally, reading back large amounts of packets (>1% of packets written) can lead to disk read and write competition issues.

FEATURES

ALTERNATIVES

Identify unintended network access to AWS resources and ensure network security by analyzing network reachability conditions.

A tool for scanning networks, enumerating Siemens PLCs, and gathering detailed information about them.

Smart traffic sniffing tool for penetration testers

An analyzer for parsing GQUIC traffic in Zeek, supporting versions Q039 to Q046, with a fingerprinting method named 'CYU' for detecting anomalous GQUIC traffic.

OpenSnitch is a GNU/Linux application firewall with interactive outbound connections filtering and system-wide domain blocking capabilities.

Tool for setting up Glutton, a cybersecurity tool for monitoring SSH traffic.

A set of Go-based emulators for testing network security and analyzing network traffic.

An intrusion prevention system for SSH that blocks IP addresses after a set number of consecutive failed login attempts.